Congress wants to force the DOD to look into cyber militias, but won't listen when the DOD tells them they don't need alternate engines for the F-35 and don't need other equipment it already has a surplus of and nowhere to store it. Maybe Congress ought to let the DOD do a bit more determining of its own needs.

Someone should tell congress that there's a difference between war and 'cyberwar.' Offense is not a defense here, so the best way to defend ourselves against a cyberattack would be to find and fix security vulnerabilities and to make sure crucial infrastructure is following best practices.

There will be a lot of patriots willing to serve. The hard part for many of the well qualified is passing the physical fitness test...

Heh. There are a few of us out there I'm probably qualified (have a few IT Security certs although it isn't the MAIN focus of my job), and I suspect I could still pass the army physical... but my scores wouldn't be anywhere near what they were 20 years ago in ROTC

I suspect any such positions will be screened prior to release of sensitive data to a civilian, and only in small parts. They wouldn't get a whole picture, only "need to know" per the project assigned, or limited access if they were to work in house. The report will tell us more.

On the plus side, if we're worried about civilian militia members becoming a security risk, it might very well lead the DOD to harden its internal cyber-security. That can't be a bad thing, can it?

There will be a lot of patriots willing to serve. The hard part for many of the well qualified is passing the physical fitness test...

Civilian employees. Not guard. They won't go through basic.

IMO, the hard part will be attracting actual security experts instead of yeeehaw gung ho gamer types who think they know security because they set up a Linksys router once. Whoever vets the applicants at the national guard won't be able to identify good vs bad applicants.

We just got a tech hired for IP sales support for our IP enabled products. His first week here he had a room full of testing computers and he was trying to connect an application from one computer on his LAN to a listening service on another computer on his LAN. It wasn't working. So he came to me and blamed my fibre internet connections (the ones that run the entire business and we'd know the second they went down?) So I went over there and his computers on that LAN were all on different subnets and were all plugged into a hub..... They couldn't ping each other let alone work his application. And an internet connection had fuck all to do with it.

Prior to hire he was interviewed, not by us the IT, or by the engineering. He was interviewed by our sales department.

There will be a lot of patriots willing to serve. The hard part for many of the well qualified is passing the physical fitness test...

Heh. There are a few of us out there I'm probably qualified (have a few IT Security certs although it isn't the MAIN focus of my job), and I suspect I could still pass the army physical... but my scores wouldn't be anywhere near what they were 20 years ago in ROTC

Wonder what a drill weekend for the unit would look like: a hackathon type environment at the armory? What about for annual training, a hackathon type environment in the woods?

There will be a lot of patriots willing to serve. The hard part for many of the well qualified is passing the physical fitness test...

Civilian employees. Not guard. They won't go through basic.

IMO, the hard part will be attracting actual security experts instead of yeeehaw gung ho gamer types who think they know security because they set up a Linksys router once. Whoever vets the applicants at the national guard won't be able to identify good vs bad applicants.

We just got a tech hired for IP sales support for our IP enabled products. His first week here he had a room full of testing computers and he was trying to connect an application from one computer on his LAN to a listening service on another computer on his LAN. It wasn't working. So he came to me and blamed my fibre internet connections (the ones that run the entire business and we'd know the second they went down?) So I went over there and his computers on that LAN were all on different subnets and were all plugged into a hub..... They couldn't ping each other let alone work his application. And an internet connection had fuck all to do with it.

Prior to hire he was interviewed, not by us the IT, or by the engineering. He was interviewed by our sales department.

= RAW From the document:(F) an assessment of the current and po-2 tential ability of the reserve components to—3 (i) attract and retain personnel with 4 substantial, relevant cyber technical exper-5 tise who use those skills in the private sec-6 tor; 7 (ii) organize such personnel into units 8 at the State, regional, or national level 9 under appropriate command and control 10 arrangements for Department cyber mis-11 sions; 12 (iii) meet and sustain the training 13 standards of the United States Cyber 14 Command; and 15 (iv) establish and manage career 16 paths for such personnel;

So yes there are expected to be provisions for training and upkeep. Yah-Hoo gamers and script kiddies need not apply.

Dedicated servicemen for this task would be far more prudent to battle a persistent and growing threat to national security.

Part-time technicians minimally exposed to this level of threat analysis and counter measures may not be as effective as professional career staff.

My understanding (which last I checked is not binding on the DOD) is that they would be full-time security professionals in their civilian jobs. The thing is, calling up such a reserve would be yanking security talent out of private industry right at the moment it is needed.

It is illegal for an employer to retaliate against a Reservist or Guardsman for mobilizing, but the threat of bugging out during a crisis could pre-emptively limit their careers. This doesn't come up in most professions because mobilizations tend to be when business needs are slimmest (natural disasters, etc.).

Dedicated servicemen for this task would be far more prudent to battle a persistent and growing threat to national security.

Part-time technicians minimally exposed to this level of threat analysis and counter measures may not be as effective as professional career staff.

My understanding (which last I checked is not binding on the DOD) is that they would be full-time security professionals in their civilian jobs. The thing is, calling up such a reserve would be yanking security talent out of private industry right at the moment it is needed.

It is illegal for an employer to retaliate against a Reservist or Guardsman for mobilizing, but the threat of bugging out during a crisis could pre-emptively limit their careers. This doesn't come up in most professions because mobilizations tend to be when business needs are slimmest (natural disasters, etc.).

Or maybe the vision is they stay where they are employed and "weaponize" as needed whatever cyber assets (computing power, networks, software tools) the business has as directed by HQ to respond to whatever. Order fulfillment might slow down some, or someone Excel file might take longer to open for the duration but hey its for the sake of the Homeland, right

Dedicated servicemen for this task would be far more prudent to battle a persistent and growing threat to national security.

Part-time technicians minimally exposed to this level of threat analysis and counter measures may not be as effective as professional career staff.

This was my thought as well. The reliance on Reserves and National Guard is a huge part of what's been hurting our readiness. It's the same thinking that's forced much of our military spending into contractors. We've got to break the back of that particular issue if we ever want to really win a war. It's no longer good enough to have cannon fodder. Modern warfare requires professional soldiers, regardless the MOS.

Maybe the US Air Force can finally get out from under the stigma of being known as the "Chair Force" in terms of branches of the US military now.

Don't hold your breath.

Don't get me wrong. I was about as far as you can imagine from an REMF and I dealt with quite a few excellent Air Force personnel during my time in service. The majority of the Air Force positions, however, just don't require the same level of combat readiness. That really isn't a bad thing, IMO. It's just reality. After all, somebody has to do all the light work just like somebody else has to do all the heavy work.

This really depends on exactly what Congress has in mind. If Congress is trying to create entities similar to the Civil Response Teams and standardize them across National Guard unit formations, I see promise in the programs. If Congress is trying to utilize National Guard personnel to permanently fulfill a standing federal directive, the question Congress needs to answer is why does it not task the regular services with that assignment?

This really depends on exactly what Congress has in mind. If Congress is trying to create entities similar to the Civil Response Teams and standardize them across National Guard unit formations, I see promise in the programs. If Congress is trying to utilize National Guard personnel to permanently fulfill a standing federal directive, the question Congress needs to answer is why does it not task the regular services with that assignment?

What Congress "has in mind" only seems to matter for really old law. For anything contemporaneous, lawyers will argue over the text of the statute armed with dozens of contradictory definitions for each term culled from centuries of prior court decisions.

For example, the IRS has been working for years to settle on a single definition of "child."

This is grade A bullshit. My reserve unit doesn't have enough funding or support to do the stuff we're supposed to do. We couldn't get a bus for a big mission on a drill weekend (read- everyone's already getting paid) that big Army approved, because division HQ said no to the bus and Army Reserve command backed them up. AGAINST DC. So instead, I got held back from supporting a Yellow Ribbon conference twenty miles away, my commander went on vacation, and we all just sat around that weekend. Holy fucking spaghetti monster...

This really depends on exactly what Congress has in mind. If Congress is trying to create entities similar to the Civil Response Teams and standardize them across National Guard unit formations, I see promise in the programs. If Congress is trying to utilize National Guard personnel to permanently fulfill a standing federal directive, the question Congress needs to answer is why does it not task the regular services with that assignment?

What Congress "has in mind" only seems to matter for really old law. For anything contemporaneous, lawyers will argue over the text of the statute armed with dozens of contradictory definitions for each term culled from centuries of prior court decisions.

For example, the IRS has been working for years to settle on a single definition of "child."

Wrong. What Congress has in mind very much matters when the DoD starts spending money, especially if the appropriations acts (or continuing resolutions) fund something at a completely different level than what the authorization act suggested.

This really depends on exactly what Congress has in mind. If Congress is trying to create entities similar to the Civil Response Teams and standardize them across National Guard unit formations, I see promise in the programs. If Congress is trying to utilize National Guard personnel to permanently fulfill a standing federal directive, the question Congress needs to answer is why does it not task the regular services with that assignment?

What Congress "has in mind" only seems to matter for really old law. For anything contemporaneous, lawyers will argue over the text of the statute armed with dozens of contradictory definitions for each term culled from centuries of prior court decisions.

For example, the IRS has been working for years to settle on a single definition of "child."

Wrong. What Congress has in mind very much matters when the DoD starts spending money, especially if the appropriations acts (or continuing resolutions) fund something at a completely different level than what the authorization act suggested.

Congress ought to prioritize the spending inside the law either with an explicit funding formula for each line item, or a rank-order system with thresholds (e.g., "all level-1 items must be funded at least 70% and all level-2 items funded at least 50% before any funds are spent on level-3 items"). But then politicians in Congress wouldn't be able to point fingers when specific projects go unfunded.